Win a copy of Cross-Platform Desktop Applications: Using Node, Electron, and NW.js this week in the JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

A common question of Apache-Tomcat security  RSS feed

Jorma Ikonen
Ranch Hand
Posts: 49
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi guys,
I'm developing a system what consists of applet, servlet and servers. The aim is that the applet makes an encrypted connection to the servlet what further creates a socket-connection to the selected servers.
The Apache-Tomcat is running on DMZ-area and only the port 80 is opened to out-direction. This should be ok, but the socket-connection requires also that the firewall is opened to in-direction. The question is that how huge security hole we are drilling? The servlet itself is / should be secure, but how about other issues (Tomcat configuration, operating system, etc.)? Used Apache-Tomcat version is 4.0.3 and operating system is Windows 2000 Pro .
If assuming that the web-server itself is secure, should I build up a process "watchdog" what closes the firewall automatically in case of web-server fall-down. Further, is there any available software to do that?
Thanks in advance.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!